[cisco-nas] pptp connection to 2600 with Windows VPN failing.

Joseph Mays mays at win.net
Wed Dec 12 17:56:00 EST 2012


BTW, yes, I am aware that I left the passwords for ftp etc in the config. They've already been changed.

  ----- Original Message ----- 
  From: Joseph Mays 
  To: cisco-nas at puck.nether.net 
  Sent: Wednesday, December 12, 2012 5:11 PM
  Subject: [cisco-nas] pptp connection to 2600 with Windows VPN failing.


  Trying to make a vpdn setup work from a windows vpn client to a cisco 2600. I had this working for a while, but then after one minor config change by someone else it stopped working. That change shouldn't have broken anything, but I backed it out nonetheless and the connection is still not working again.

  I think it's breaking during the LCP negotiation, before authentication even occurs. Here's what I get from PPP debugging. Notice that it never gets to the authentication phase. I will attach relevant portions of the config afterwards.

  genisis#show debug
  PPP:
    PPP detailed event debugging is on
    PPP authentication debugging is on
    PPP protocol errors debugging is on
    PPP protocol negotiation debugging is on



  genisis#
  genisis#term mon
  genisis#
  *Mar  1 02:26:32.559: Se0/0 PPP: Outbound cdp packet dropped, CDPCP state is Listen
  *Mar  1 02:26:39.415:  EVT: Dynamic Bind 0 0x82C3989C
  *Mar  1 02:26:39.415: ppp13 EVT: Cstate 4 0x00000000
  *Mar  1 02:26:39.415: ppp13 PPP: Using vpn set call direction
  *Mar  1 02:26:39.415: ppp13 PPP: Treating connection as a callin
  *Mar  1 02:26:39.415: ppp13 PPP: Phase is ESTABLISHING, Passive Open
  *Mar  1 02:26:39.415: ppp13 LCP: State is Listen
  *Mar  1 02:26:39.439: ppp13 EVT: Packet 0 0x8332C29C
  *Mar  1 02:26:39.439: ppp13 LCP: I CONFREQ [Listen] id 0 len 21
  *Mar  1 02:26:39.439: ppp13 LCP:    MRU 1400 (0x01040578)
  *Mar  1 02:26:39.439: ppp13 LCP:    MagicNumber 0x4FC8505D (0x05064FC8505D)
  *Mar  1 02:26:39.439: ppp13 LCP:    PFC (0x0702)
  *Mar  1 02:26:39.439: ppp13 LCP:    ACFC (0x0802)
  *Mar  1 02:26:39.439: ppp13 LCP:    Callback 6  (0x0D0306)
  *Mar  1 02:26:39.439: ppp13 PPP: Authorization required
  *Mar  1 02:26:39.439: ppp13 LCP: O CONFREQ [Listen] id 1 len 15
  *Mar  1 02:26:39.443: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
  *Mar  1 02:26:39.443: ppp13 LCP:    MagicNumber 0x0F0968D2 (0x05060F0968D2)
  *Mar  1 02:26:39.443: ppp13 LCP: O CONFREJ [Listen] id 0 len 7
  *Mar  1 02:26:39.443: ppp13 LCP:    Callback 6  (0x0D0306)
  *Mar  1 02:26:41.431: ppp13 EVT: Packet 0 0x830D1F30
  *Mar  1 02:26:41.431: ppp13 LCP: I CONFREQ [REQsent] id 1 len 21
  *Mar  1 02:26:41.431: ppp13 LCP:    MRU 1400 (0x01040578)
  *Mar  1 02:26:41.431: ppp13 LCP:    MagicNumber 0x4FC8505D (0x05064FC8505D)
  *Mar  1 02:26:41.431: ppp13 LCP:    PFC (0x0702)
  *Mar  1 02:26:41.431: ppp13 LCP:    ACFC (0x0802)
  *Mar  1 02:26:41.431: ppp13 LCP:    Callback 6  (0x0D0306)
  *Mar  1 02:26:41.431: ppp13 LCP: O CONFREJ [REQsent] id 1 len 7
  *Mar  1 02:26:41.431: ppp13 LCP:    Callback 6  (0x0D0306)
  *Mar  1 02:26:41.451: ppp13 LCP: TIMEout: State REQsent
  *Mar  1 02:26:41.451: ppp13 LCP: O CONFREQ [REQsent] id 2 len 15
  *Mar  1 02:26:41.451: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
  *Mar  1 02:26:41.451: ppp13 LCP:    MagicNumber 0x0F0968D2 (0x05060F0968D2)
  *Mar  1 02:26:43.467: ppp13 LCP: TIMEout: State REQsent
  *Mar  1 02:26:43.467: ppp13 LCP: O CONFREQ [REQsent] id 3 len 15
  *Mar  1 02:26:43.467: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
  *Mar  1 02:26:43.467: ppp13 LCP:    MagicNumber 0x0F0968D2 (0x05060F0968D2)
  *Mar  1 02:26:44.431: ppp13 EVT: Packet 0 0x830D2E1C
  *Mar  1 02:26:44.435: ppp13 LCP: I CONFREQ [REQsent] id 2 len 21
  *Mar  1 02:26:44.435: ppp13 LCP:    MRU 1400 (0x01040578)
  *Mar  1 02:26:44.435: ppp13 LCP:    MagicNumber 0x4FC8505D (0x05064FC8505D)
  *Mar  1 02:26:44.435: ppp13 LCP:    PFC (0x0702)
  *Mar  1 02:26:44.435: ppp13 LCP:    ACFC (0x0802)
  *Mar  1 02:26:44.435: ppp13 LCP:    Callback 6  (0x0D0306)
  *Mar  1 02:26:44.435: ppp13 LCP: O CONFREJ [REQsent] id 2 len 7
  *Mar  1 02:26:44.435: ppp13 LCP:    Callback 6  (0x0D0306)
  *Mar  1 02:26:45.483: ppp13 LCP: TIMEout: State REQsent
  *Mar  1 02:26:45.483: ppp13 LCP: O CONFREQ [REQsent] id 4 len 15
  *Mar  1 02:26:45.483: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
  *Mar  1 02:26:45.483: ppp13 LCP:    MagicNumber 0x0F0968D2 (0x05060F0968D2)
  *Mar  1 02:26:47.499: ppp13 LCP: TIMEout: State REQsent
  *Mar  1 02:26:47.499: ppp13 LCP: O CONFREQ [REQsent] id 5 len 15
  *Mar  1 02:26:47.499: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
  *Mar  1 02:26:47.499: ppp13 LCP:    MagicNumber 0x0F0968D2 (0x05060F0968D2)
  *Mar  1 02:26:48.427: ppp13 EVT: Packet 0 0x830D3118
  *Mar  1 02:26:48.431: ppp13 LCP: I CONFREQ [REQsent] id 3 len 21
  *Mar  1 02:26:48.431: ppp13 LCP:    MRU 1400 (0x01040578)
  *Mar  1 02:26:48.431: ppp13 LCP:    MagicNumber 0x4FC8505D (0x05064FC8505D)
  *Mar  1 02:26:48.431: ppp13 LCP:    PFC (0x0702)
  *Mar  1 02:26:48.431: ppp13 LCP:    ACFC (0x0802)
  *Mar  1 02:26:48.431: ppp13 LCP:    Callback 6  (0x0D0306)
  *Mar  1 02:26:48.431: ppp13 LCP: O CONFREJ [REQsent] id 3 len 7
  *Mar  1 02:26:48.431: ppp13 LCP:    Callback 6  (0x0D0306)
  *Mar  1 02:26:49.515: ppp13 LCP: TIMEout: State REQsent
  *Mar  1 02:26:49.515: ppp13 LCP: O CONFREQ [REQsent] id 6 len 15
  *Mar  1 02:26:49.515: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
  *Mar  1 02:26:49.515: ppp13 LCP:    MagicNumber 0x0F0968D2 (0x05060F0968D2)
  *Mar  1 02:26:51.531: ppp13 LCP: TIMEout: State REQsent
  *Mar  1 02:26:51.531: ppp13 LCP: O CONFREQ [REQsent] id 7 len 15
  *Mar  1 02:26:51.531: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
  *Mar  1 02:26:51.531: ppp13 LCP:    MagicNumber 0x0F0968D2 (0x05060F0968D2)
  *Mar  1 02:26:52.431: ppp13 EVT: Packet 0 0x830CFB60
  *Mar  1 02:26:52.431: ppp13 LCP: I CONFREQ [REQsent] id 4 len 21
  *Mar  1 02:26:52.431: ppp13 LCP:    MRU 1400 (0x01040578)
  *Mar  1 02:26:52.431: ppp13 LCP:    MagicNumber 0x4FC8505D (0x05064FC8505D)
  *Mar  1 02:26:52.435: ppp13 LCP:    PFC (0x0702)
  *Mar  1 02:26:52.435: ppp13 LCP:    ACFC (0x0802)
  *Mar  1 02:26:52.435: ppp13 LCP:    Callback 6  (0x0D0306)
  *Mar  1 02:26:52.435: ppp13 LCP: O CONFREJ [REQsent] id 4 len 7
  *Mar  1 02:26:52.435: ppp13 LCP:    Callback 6  (0x0D0306)
  *Mar  1 02:26:53.547: ppp13 LCP: TIMEout: State REQsent
  *Mar  1 02:26:53.547: ppp13 LCP: O CONFREQ [REQsent] id 8 len 15
  *Mar  1 02:26:53.547: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
  *Mar  1 02:26:53.547: ppp13 LCP:    MagicNumber 0x0F0968D2 (0x05060F0968D2)
  *Mar  1 02:26:55.563: ppp13 LCP: TIMEout: State REQsent
  *Mar  1 02:26:55.563: ppp13 LCP: O CONFREQ [REQsent] id 9 len 15
  *Mar  1 02:26:55.563: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
  *Mar  1 02:26:55.563: ppp13 LCP:    MagicNumber 0x0F0968D2 (0x05060F0968D2)
  *Mar  1 02:26:56.431: ppp13 EVT: Packet 0 0x830D0D48
  *Mar  1 02:26:56.431: ppp13 LCP: I CONFREQ [REQsent] id 5 len 21
  *Mar  1 02:26:56.431: ppp13 LCP:    MRU 1400 (0x01040578)
  *Mar  1 02:26:56.431: ppp13 LCP:    MagicNumber 0x4FC8505D (0x05064FC8505D)
  *Mar  1 02:26:56.431: ppp13 LCP:    PFC (0x0702)
  *Mar  1 02:26:56.431: ppp13 LCP:    ACFC (0x0802)
  *Mar  1 02:26:56.431: ppp13 LCP:    Callback 6  (0x0D0306)
  *Mar  1 02:26:56.431: ppp13 LCP: O CONFREJ [REQsent] id 5 len 7
  *Mar  1 02:26:56.431: ppp13 LCP:    Callback 6  (0x0D0306)
  *Mar  1 02:26:57.579: ppp13 LCP: TIMEout: State REQsent
  *Mar  1 02:26:57.579: ppp13 LCP: O CONFREQ [REQsent] id 10 len 15
  *Mar  1 02:26:57.579: ppp13 LCP:    AuthProto MS-CHAP (0x0305C22380)
  *Mar  1 02:26:57.579: ppp13 LCP:    MagicNumber 0x0F0968D2 (0x05060F0968D2)
  *Mar  1 02:26:59.595: ppp13 LCP: TIMEout: State REQsent
  *Mar  1 02:26:59.595: ppp13 LCP: O TERMREQ [REQsent] id 10 len 4
  *Mar  1 02:26:59.595: ppp13 PPP: Phase is TERMINATING
  *Mar  1 02:26:59.595: ppp13 LCP: State is Listen
  *Mar  1 02:26:59.595: ppp13 EVT: Hard Disc 0 0x00000000
  *Mar  1 02:26:59.595: ppp13 PPP: Sending Acct Event[Down] id[11]
  *Mar  1 02:26:59.595: ppp13 LCP: State is Closed
  *Mar  1 02:26:59.595: ppp13 PPP: Phase is DOWN
  *Mar  1 02:26:59.599: ppp13 EVT: Free PPP 0 0x00000000


  ==========

  genisis#show run
  Building configuration...

  Current configuration : 2791 bytes
  !
  version 12.3
  service timestamps debug datetime msec
  service timestamps log datetime msec
  service password-encryption
  !
  hostname genisis
  !
  boot-start-marker
  boot-end-marker
  !
  logging buffered 4096 informational
  enable secret 5 xxxxxxxxxxxxxxxxxxxxxx.
  enable password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxx
  !
  username johndoe password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxx
  username angela password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
  username admin privilege 15 password 7 xxxxxxxxxxxxxxxxxxxxxxxxxx
  no network-clock-participate slot 1
  no network-clock-participate wic 0
  aaa new-model
  !
  !
  aaa authentication ppp default local
  aaa authorization network default if-authenticated
  aaa session-id common
  ip subnet-zero
  no ip cef
  !
  !
  ip ftp username launchpad
  ip ftp password 7 045907071C3543480F
  no ip domain lookup
  no ip dhcp conflict logging
  ip dhcp excluded-address 10.10.2.150 10.10.2.255
  ip dhcp excluded-address 10.10.2.0 10.10.2.50
  !
  ip dhcp pool genesis-pc-dhcp-pool
     network 10.10.2.0 255.255.255.0
     dns-server 216.24.27.3
     default-router 10.10.2.1
  !
  no ip bootp server
  ip audit po max-events 100
  vpdn enable
  !
  vpdn-group 1
  ! Default PPTP VPDN group
   accept-dialin
    protocol pptp
    virtual-template 1
   local name gen-vpn
  !
  no ftp-server write-enable
  !
  !
  !
  voice call carrier capacity active
  !
  voice class codec 1
   codec preference 1 g711ulaw
   codec preference 2 g729r8
  !
  !
  !
  !
  !
  !
  !
  !
  !
  !
  !
  class-map match-all dscp-ef
    match ip dscp ef
  !
  !
  policy-map queue-on-dscp
   description Prioritizes voice traffic first, signalling next.
    class dscp-ef
     priority percent 75
    class class-default
     fair-queue
     random-detect dscp-based
  !
  !
  !
  !
  !
  !
  interface FastEthernet0/0
   ip address 24.235.18.81 255.255.255.240 secondary
   ip address 10.10.2.1 255.255.255.0 secondary
   ip address 24.235.1.17 255.255.255.248
   no ip redirects
   ip nat inside
   service-policy output queue-on-dscp
   logging event subif-link-status
   duplex auto
   speed auto
  !
  interface Serial0/0
   description T1 to WinNET (UNE-DS1-003-004, HCFD.687777..NB)
   ip address 24.235.2.42 255.255.255.252
   no ip redirects
   ip nat outside
   service-policy output queue-on-dscp
   encapsulation ppp
   logging event subif-link-status
   auto qos voip trust
   service-module t1 timeslots 1-24
  !
  interface Virtual-Template1
   ip unnumbered FastEthernet0/0
   ip mroute-cache
   peer default ip address pool VPN-IN
   ppp encrypt mppe 40 required
   ppp authentication ms-chap
  !
  ip local pool VPN-IN 10.10.2.160 10.10.2.164
  ip nat inside source list 50 interface Serial0/0 overload
  no ip http server
  no ip http secure-server
  ip classless
  ip route 0.0.0.0 0.0.0.0 Serial0/0
  !
  !
  access-list 50 permit 10.10.2.0 0.0.0.255
  !
  rmon event 33333 log trap AutoQoS description "AutoQoS SNMP traps for Voice Drops" owner AutoQo
  !
  !
  !
  !
  !
  !
  !
  line con 0
  line aux 0
  line vty 0 4
   password 7 1415425B18072B2634
  !
  !
  end

  genisis#



------------------------------------------------------------------------------


  _______________________________________________
  cisco-nas mailing list
  cisco-nas at puck.nether.net
  https://puck.nether.net/mailman/listinfo/cisco-nas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-nas/attachments/20121212/7d9c45ee/attachment-0001.html>


More information about the cisco-nas mailing list